java.lang.Object
org.elasticsearch.common.component.AbstractLifecycleComponent
org.elasticsearch.xpack.security.authc.Realms
- All Implemented Interfaces:
Closeable,AutoCloseable,Iterable<Realm>,LifecycleComponent,org.elasticsearch.core.Releasable,ReloadableSecurityComponent
public class Realms
extends AbstractLifecycleComponent
implements Iterable<Realm>, ReloadableSecurityComponent
Serves as a realms registry (also responsible for ordering the realms appropriately)
-
Field Summary
Fields inherited from class org.elasticsearch.common.component.AbstractLifecycleComponent
lifecycle -
Constructor Summary
ConstructorsConstructorDescriptionRealms(Settings settings, Environment env, Map<String, Realm.Factory> factories, XPackLicenseState licenseState, ThreadContext threadContext, ReservedRealm reservedRealm) -
Method Summary
Modifier and TypeMethodDescriptioncalculateLicensedRealms(XPackLicenseState licenseStateSnapshot) protected voiddoClose()protected voiddoStart()protected voiddoStop()getDomainConfig(String domainName) getRealmRef(RealmConfig.RealmIdentifier realmIdentifier) Retrieves theAuthentication.RealmRef, which contains theDomainConfig, if configured, for the passed inRealmConfig.RealmIdentifier.Returns a list of realms that are configured, but are not permitted under the current license.protected voidhandleDisabledRealmDueToLicenseChange(Realm realm, XPackLicenseState licenseStateSnapshot) initRealms(List<RealmConfig> realmConfigs) static booleanisRealmTypeAvailable(XPackLicenseState licenseState, String type) iterator()realmFactory(String type) protected voidvoidCalled when a reload security settings action is executed.stream()voidusageStats(ActionListener<Map<String, Object>> listener) Methods inherited from class org.elasticsearch.common.component.AbstractLifecycleComponent
addLifecycleListener, close, lifecycleState, start, stopMethods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, waitMethods inherited from interface java.lang.Iterable
forEach, spliterator
-
Constructor Details
-
Realms
public Realms(Settings settings, Environment env, Map<String, Realm.Factory> factories, XPackLicenseState licenseState, ThreadContext threadContext, ReservedRealm reservedRealm) throws Exception- Throws:
Exception
-
-
Method Details
-
recomputeActiveRealms
protected void recomputeActiveRealms() -
handleDisabledRealmDueToLicenseChange
protected void handleDisabledRealmDueToLicenseChange(Realm realm, XPackLicenseState licenseStateSnapshot) -
iterator
-
getUnlicensedRealms
Returns a list of realms that are configured, but are not permitted under the current license. -
stream
-
getActiveRealms
-
getDomainConfig
-
calculateLicensedRealms
-
isRealmTypeAvailable
-
realm
-
realmFactory
-
initRealms
- Throws:
Exception
-
usageStats
-
domainUsageStats
-
getRealmRef
Retrieves theAuthentication.RealmRef, which contains theDomainConfig, if configured, for the passed inRealmConfig.RealmIdentifier. If the realm is not currently configured,nullis returned. -
getNativeRealmRef
-
getFileRealmRef
-
getReservedRealmRef
-
doStart
protected void doStart()- Specified by:
doStartin classAbstractLifecycleComponent
-
doStop
protected void doStop()- Specified by:
doStopin classAbstractLifecycleComponent
-
doClose
- Specified by:
doClosein classAbstractLifecycleComponent- Throws:
IOException
-
reload
Description copied from interface:ReloadableSecurityComponentCalled when a reload security settings action is executed. The reload operation must be completed when this method returns. Strictly speaking, thesettingsargument should not be accessed outside of this method's call stack, as any values stored in the node's keystore (seeSecureSetting) will not otherwise be retrievable.There is no guarantee that the secure setting's values have actually changed. Hence, it's up to implementor to detect if the actual internal reloading is necessary.
Any failure during the reloading should be signaled by raising an exception.
For additional info, see also:
ReloadablePlugin.reload(Settings).- Specified by:
reloadin interfaceReloadableSecurityComponent- Parameters:
settings- Settings include the initial node's settings and all decrypted secure settings from the keystore. Absence of a particular secure setting may mean that the setting was either never configured or that it was simply removed.
-